Keeping Personal Assistant Devices Secure at Home: The Google Home Mini (GHM)

Team: 3

School: Eldorado High

Area of Science: Cyber Security (Computer Science)

Interim: Keeping Personal Assistant Devices Secure at Home: The Google Home Mini (GHM)
Team Number: 3
Team Members: Nancy Avila navilad.735@gmail.com
Candis Canaday candisc101@gmail.com
Gwenevere Caouette gweneverecaouette@gmail.com
Priscila Flores precelaflores10@gmail.com
Kyreen White hellu.kittycat2004@gmail.com
Teacher(s): Ms. Lunsford lunsford@aps.edu
Mrs. Glennon kglennon25@gmail.com
Sponsor: Mrs. Glennon kglennon25@gmail.com
Mentor(s): Richard Oliver
Tyler Brynn Charity

Areas of Science: Cyber Security (Computer Science)

Definition of the Problem: As of 2019, more than 26.66 Billion IoT devices have been active (LetiÄ‡). Along with the development of this technology has come the threat of hackers seeking personal information from unsuspecting users of these devices. Since consumers do not have information about what is going on with their deviceâ€™s privacy and security, there is a large amount of the unknown. One may have to give up some personal information and security to use the deviceâ€™s luxuries. What can be done to maximize the security of devices such as the Google Home Mini (GHM)?

Our Progress: Our team has started to research the security of IoT devices. As for our research, we have been reading a book titled The IoT Hackerâ€™s Handbook: A Practical Guide to Hacking the Internet of Things and learning about the different risks that the GHM is susceptible to. With our research, we have focused on understanding the following topics: IoT vulnerabilities, the Google Home Mini, the beginning steps to hacking, IoT security, Firewall, and what makes the GHM vulnerable. We have also begun to work on our code, and we have talked to a mentor about the methods and code languages we should use to develop the code that will work towards our goal. Our mentor, Brynn, who attends New Mexico Tech is helping us to understand the way firewalls work. We will continue to learn from our mentors as well as increasing research and coding.

Problem Solution:
We are focusing on how to construct what kind of test we would like to do. We are mainly focusing on voice recognition and how we are going to make that more secure. We want to see how we can make voice recognition more secure, but haven't decided on what the solution will be. At the moment, we are trying to understand the test we could do that would benefit us most. We will import our data into a spreadsheet to analyze. Two team members, Kyreen and Candis, own Google Home Minis. Candis owns the older model HOA purchased in November 2017 and Kyreen owns a newer model H0A, manufactured November 2019, 1st Generation. Using their devices, we will set out test runs to see how the GHMâ€™s voice recognition reacts to different voices and commands that are similar in sound. The phrase we will test will be â€œHey Google, play some musicâ€ and â€œOkay Google, play some music.â€ We hope that our code will become a good resource for our project and be of use for others in the future.

Coding Plan: Our coding plan this year is to expand the one we started last year. We plan to use NetLogo as our coding language this year to demonstrate what it is like for a hacker to get into your wifi, through the firewall, and into all your devices. To understand this, we are using our mentor, Brynn, to help us with Kali Linux and Virtual Box, so we can understand how a firewall works and how someone can get through one. We are going to use our code to demonstrate a method that hackers used called Man in the Middle, which is when a hacker gets into someoneâ€™s wifi and is able to get information that is sent to the internet by putting themselves in the middle of this.

Expected Results: For this project, the team wants to be able to find the GHMâ€™s vulnerabilities, how to penetrate it, and how to strengthen the fire wall. Throughout this year, we will know the GHMâ€™s vulnerabilities and whether or not our test runs with the voice recognition have been successful. We expect that our research will allow us to get information on the GHM and itâ€™s properties as well as thoroughly understanding the GHM as an IoT device. The team expects that their code will run to reflect on the research that we have done with the GHM as well as modeling a Man in the Middle attack. With our mentors, we expect that we will be able to take their input and put it into the project to further gather information that will help us in our goal for this project (making the GHMâ€™s firewall stronger).

References
Caines, M. (2019, January 10). How to Increase Firewall Protection. Retrieved November 30, 2020, from https://itstillworks.com/increase-firewall-protection-6909600.html

Can google home devices be hacked? (n.d.). Retrieved November 30, 2020, from https://support.google.com/assistant/thread/41773906?hl=en

Can Your Google Home or Google Nest Be Hacked? Here's How. (2020, October 03). Retrieved November 30, 2020, from https://robotpoweredhome.com/can-a-google-home-be-hacked/

Carey, J. (2019, October 21). Google Home and Amazon Echo apps just exposed a very dangerous security flaw. Retrieved November 30, 2020, from https://www.express.co.uk/life-style/science-technology/1193699/Google-Home-Amazon-Echo-security-flaw-exposed

A Complete Guide to Firewall: How to Build A Secure Networking System. (2020, November 13). Retrieved November 30, 2020, from https://www.softwaretestinghelp.com/firewall-security/

Features. (n.d.). Retrieved November 30, 2020, from https://www.hacksplaining.com/features

Gebhart, A. (n.d.). Everything you need to know about Google Home. Retrieved November 30, 2020, from https://www.cnet.com/how-to/everything-you-want-to-know-about-google-home/

Google Home Safety, Privacy and Security Tips. (2020, November 24). Retrieved November 30, 2020, from https://www.safety.com/google-home-safety/

Gupta, A. (2019). The IoT hacker's handbook: A practical guide to hacking the Internet of Things. Berkeley: Apress.

How Do Firewalls Work? . (2020, October 23). Retrieved November 30, 2020, from https://www.solarwindsmsp.com/blog/how-do-firewalls-work

James, L., & Luke James (8 Articles Published). (2018, November 26). 5 Essential Tips to Secure Your Google Home Device. Retrieved November 30, 2020, from https://www.makeuseof.com/tag/secure-google-home-tips/

Long, E. (2018, April 28). 5 Ways to Secure Your Google Home Device. Retrieved November 30, 2020, from https://www.tomsguide.com/us/secure-google-home,news-27076.html

NortonLifeLock, W. (n.d.). Can smart speakers be hacked? 10 tips to help stay secure. Retrieved November 30, 2020, from https://us.norton.com/internetsecurity-iot-can-smart-speakers-be-hacked.html

Porter, J. (2019, October 21). Security researchers expose new Alexa and Google Home vulnerability. Retrieved November 30, 2020, from https://www.theverge.com/2019/10/21/20924886/alexa-google-home-security-vulnerability-srlabs-phishing-eavesdropping

Ptacek, T. (2003, November 13). 10 tips for improving security inside the firewall. Retrieved November 30, 2020, from https://www.computerworld.com/article/2573934/10-tips-for-improving-security-inside-the-firewall.html

Security Tip (ST04-004). (n.d.). Retrieved November 30, 2020, from https://us-cert.cisa.gov/ncas/tips/ST04-004

Simic, S. (2020, September 30). 8 Types of Firewalls: Guide For IT Security Pros. Retrieved November 30, 2020, from https://phoenixnap.com/blog/types-of-firewalls

Smart Speakers Study (PETS20). (n.d.). Retrieved November 30, 2020, from https://moniotrlab.ccis.neu.edu/smart-speakers-study-pets20/

Spring, A., & Spring, T. (n.d.). DEF CON 2019: Researchers Demo Hacking Google Home for RCE. Retrieved November 30, 2020, from https://threatpost.com/def-con-2019-hacking-google-home/147170/

What is a Firewall? (2020, March 24). Retrieved November 30, 2020, from https://www.forcepoint.com/cyber-edu/firewall

What Is a Firewall? (2020, September 17). Retrieved November 30, 2020, from https://www.cisco.com/c/en/us/products/security/firewalls/what-is-a-firewall.html

Written by Alison Grace Johansen for NortonLifeLock. (n.d.). What is a firewall and do you need one? Retrieved November 30, 2020, from https://us.norton.com/internetsecurity-emerging-threats-what-is-firewall.html

Mentors: Richard Oliver; Tyler Brynn Charity

Team Members:

  Gwenevere Caouette
  Kyreen White
  Nancy Avila Do
  Candis Canaday

Sponsoring Teacher: Karen Glennon

Mail the entire Team